package com.hzt.system.realm;

import com.hzt.system.common.ActiveUser;
import com.hzt.system.common.Constant;
import com.hzt.system.domain.Role;
import com.hzt.system.domain.User;
import com.hzt.system.service.MenuService;
import com.hzt.system.service.RoleService;
import com.hzt.system.service.UserService;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;

import java.util.List;

/**
*
* 声明realm
* @Author:hzt
* @Date:9:03 上午 2020/7/7
*/

public class UserRealm extends AuthorizingRealm {


    @Autowired
    @Lazy
    private UserService userService;

    @Autowired
    @Lazy
    private RoleService roleService;

    @Autowired
    @Lazy
    private MenuService menuService;




    @Override
    public String getName() {
        return this.getClass().getSimpleName();
    }

    /**
     * 认证
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String userName=token.getPrincipal().toString();
        User user = this.userService.queryUserByLoginName(userName);
        if(null!=user){
            ActiveUser activeUser=new ActiveUser();
            activeUser.setUser(user);
            //根据用户id查询角色对象的集合
            List<String> roles=this.roleService.queryRoleNamesByUserId(user.getId());
            //根据用户id查询菜单权限的集合
            List<String> permissons=this.menuService.queryPermissionodeByUserId(user.getId());
            activeUser.setRoles(roles);
            activeUser.setPermissions(permissons);


            /**
             * 参数1传输对象 可以传到doGetAuthorizationInfo 也可以传到subject.getPrincipal() 参数2 加密后的字符串
             * 参数3 盐 参数4 当前类名
             */
            SimpleAuthenticationInfo info=new SimpleAuthenticationInfo(activeUser,user.getPwd(), ByteSource.Util.bytes(user.getSalt()),getName());
            return info;
        }
        return null;
    }

    /**
    *
    *
    * @Author:hzt
    * @Date:2:26 上午 2020/7/7
    */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        ActiveUser activityUser = (ActiveUser)principalCollection.getPrimaryPrincipal();
        List<String> permissions = activityUser.getPermissions();
        List<String> roles = activityUser.getRoles();
        User user = activityUser.getUser();
        //判断是否是超级管理员
        if(user.getType().equals(Constant.USER_TYPE_SUPER)){
            info.addStringPermission("*:*"); //只对注解有用
        }else{
            if(null!=roles&&roles.size()>0){
                info.addRoles(roles);
            }
            if(null!=permissions&&permissions.size()>0){
                info.addStringPermissions(permissions);
            }
        }
        return info;

    }
}
